CVE-2010-3338

EXPLOITED

Windows Task Scheduler - Privilege Escalation via Security Context Mismanagement

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2010-3338 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 4 public exploits from researchers including jduck, Ascotbe, including a Metasploit module exploits/windows/local/ms10_092_schelevator.

AI-analyzed exploit summary This exploit leverages a privilege escalation vulnerability in Windows Task Scheduler by manipulating the CRC-32 checksum of a scheduled task file to execute arbitrary commands with elevated privileges. It creates a malicious task that adds a new administrator user.

Description

The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOTE: this might overlap CVE-2010-3888.

Exploits (4)

exploitdb WORKING POC
localwindows
https://www.exploit-db.com/exploits/15589

This exploit leverages a privilege escalation vulnerability in Windows Task Scheduler by manipulating the CRC-32 checksum of a scheduled task file to execute arbitrary commands with elevated privileges. It creates a malicious task that adds a new administrator user.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Windows Task Scheduler (Windows 7/2008 x86/x64)
No auth needed
Prerequisites: Local access to the target system · Ability to execute scripts
devstral-2 · analyzed Feb 19, 2026 Full analysis →
exploitdb WORKING POC
rubylocalwindows
https://www.exploit-db.com/exploits/19930

This Metasploit module exploits CVE-2010-3338, a privilege escalation vulnerability in Windows Task Scheduler 2.0. It manipulates task files by creating a CRC32 collision to execute arbitrary commands with SYSTEM privileges.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Windows Task Scheduler 2.0 (Windows Vista, 7, and 2008)
Auth required
Prerequisites: Local access to the target system · Ability to create and modify task files
devstral-2 · analyzed Feb 19, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ms10_092_schelevator.rb

This Metasploit module exploits CVE-2010-3338 by manipulating Windows Task Scheduler XML files to achieve privilege escalation. It leverages CRC32 collisions to bypass integrity checks and execute arbitrary commands with SYSTEM privileges.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Windows Task Scheduler 2.0 (Windows Vista, 7, 2008)
Auth required
Prerequisites: Meterpreter session · Ability to read/write task files
devstral-2 · analyzed Feb 19, 2026 Full analysis →
patchapalooza NO CODE
by Ascotbe · local
https://github.com/Ascotbe/Kernelhub

References (4)

Core 4
Core References
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12304
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1024874

Scores

EPSS 0.6037
EPSS Percentile 98.3%

Details

VulnCheck KEV 2021-12-15
CWE
CWE-20
Status published
Products (4)
microsoft/windows_7
microsoft/windows_server_2008 (6 CPE variants)
microsoft/windows_server_2008 r2 (2 CPE variants)
microsoft/windows_vista (2 CPE variants)
Published Dec 16, 2010
Tracked Since Feb 18, 2026